Certain aspects of the present disclosure provide techniques for access control. Embodiments include receiving, by a satellite component of an access control system, a request from a computing device to verify an identity of the computing device, wherein the request comprises one or more characteristics of the computing device. Embodiments include verifying, by the satellite component, that the one or more characteristics of the computing device are valid, the verifying comprising one or more interactions with a management entity related to the computing device. Embodiments include generating, by the satellite component, a signed document that is trusted by a control component of the access control system. Embodiments include providing, by the satellite component, the signed document to the computing device for use in requesting credentials from the control component to access a secure resource.
Legal claims defining the scope of protection, as filed with the USPTO.
3. The method of claim 2, wherein verifying, by the satellite component, that the one or more characteristics of the computing device are valid further comprises receiving an indication of the one or more characteristics from the management entity.
5. The method of claim 1, wherein the management entity corresponds to a platform service provider of the computing device, and wherein the satellite component interacts with the management entity via an application programming interface (API) provided by the platform service provider.
6. The method of claim 1, wherein the signed document comprises a list of the one or more characteristics and a signature that is shared between the satellite component and the control component.
8. The method of claim 7, wherein the satellite component has verified that the one or more characteristics of the computing device are valid through the one or more interactions with the management entity.
9. The method of claim 7, wherein the management entity corresponds to a platform service provider of the computing device, and wherein the satellite component interacts with the management entity via an application programming interface (API) provided by the platform service provider.
11. The method of claim 7, wherein the signed document comprises a list of the one or more characteristics.
14. The system of claim 13, wherein verifying, by the satellite component, that the one or more characteristics of the computing device are valid further comprises receiving an indication of the one or more characteristics from the management entity.
16. The system of claim 12, wherein the management entity corresponds to a platform service provider of the computing device, and wherein the satellite component interacts with the management entity via an application programming interface (API) provided by the platform service provider.
17. The system of claim 12, wherein the signed document comprises a list of the one or more characteristics and a signature that is shared between the satellite component and the control component.
18. The method of claim 1, wherein the control component is unable to access the management entity.
19. The method of claim 7, wherein the control component is unable to access the management entity.
20. The system of claim 12, wherein the control component is unable to access the management entity.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
March 20, 2020
May 9, 2023
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.